YouTubeXLinkedIn

BitGo Retail is here. Learn more.

 skip to content

BitGo Privacy

BitGo Privacy

Last updated: January 15, 2025

Global Privacy Notice 

1. INTRODUCTION

BitGo Holdings, Inc. and its subsidiaries and affiliates (“BitGo,” “we”, “our” or “us”) respect the privacy rights of users and recognize the importance of protecting your information. Privacy and data protection are a top priority for us, and we encourage you to read this Global Privacy Notice fully to understand our privacy practices. Please understand that BitGo reserves the right to change this notice at any time, but you can find the latest version here on this page.

2. SCOPE AND APPLICABILITY

This Global Privacy Notice (“Notice”) explains how we collect, use, retain, delete, disclose, and transfer, and protect your Personal Data (defined below) and the available choices you have with regard to your Personal Data when you interact with us in any of the following ways (collectively, the “services”):

  • By visiting BitGo’s websites at www.bitgo.com,

  • By using our services and platform products, such as hot wallets, qualified custody cold wallets, trading, lending, staking, settlement services, escrow services, transfer agent, and portfolio management and tax reporting and reconciliation tool,

  • By interacting or communicating with us as part of our marketing practices,      

  • By connecting with us at industry events and conferences,

  • By applying for a job,

  • By communicating for legal or compliance reasons, which may include litigation and defense of claims, and

  • By interacting or transacting with us in connection with partnership, licensing or other business opportunities.     

Note that certain BitGo products or relationships may be covered under separate agreements with BitGo. If you have such an agreement in place with BitGo, then the terms of that agreement will supersede the Notice where the terms overlap.

This Notice also describes the choices that you have with respect to their Personal Data, and how to contact BitGo to learn more about our privacy practices.

  • If you have obtained a financial product or service with BitGo to be used primarily for personal, family, or household purposes, we will use and share any information, including Personal Data that we collect from or about you in accordance with our U.S. CONSUMER FINANCIAL PRIVACY NOTICE, which provides certain choices with respect to the use and sharing of your Personal Data.

  • If you are a California resident, you may have rights under the California Consumer Privacy Act. For more information please visit our CALIFORNIA PRIVACY NOTICE below. 

  • Residents of the European Economic Area (“EEA”) or the United Kingdom (“UK”) may have additional rights regarding their Personal Data. For more information please visit our GDPR PRIVACY NOTICE below.

3. PERSONAL DATA WE COLLECT

We may collect personal data about you (all such personal data, “Personal Data”) in several ways when you use our services, as described below. 

Information You Provide. We collect the information you provide to us directly when you use our services. You can choose to provide Personal Data for:  

  • Account Creation – We may collect the following Personal Data about you when you create a BitGo account.

  • name

  • phone number

  • email address

  • country of residence

  • date of birth

  • Institutional Account Creation – If you are creating an account for a business, we may collect information about the institution such as:

  • Employer Identification Number (EIN), 

  • proof of legal formation (e.g., articles of incorporation/by-laws), 

  • “Account Creation” information listed above about beneficial owners

  • Identity Verification – In addition to the Personal Data described under “Website Use,” we may collect the following Personal Data for identity verification for BitGo business wallets; qualified custody; trading, borrowing and lending; and hot wallet users such as:

  • country of citizenship

  • identification information such as your driver’s license, federal/state ID card, Tax ID number, or other government-issued ID

  • Social Security Number 

  • tax ID number

  • video call footage to verify your identity

  • copies of your government-issued identification 

  • proof of residency documentation (e.g., copies of utility bills)

  • other information you choose to provide to us as part of identity verification.  

  • Financial Information – We may collect financial and bank account information in providing our services for example when we integrate with your financial institutions.

  • Biometric Data – We may collect Personal Data that constitutes biometric data. You can learn more about our collection, processing, and disclosing of biometric data by reviewing our BIOMETRIC DATA PRIVACY POLICY

  • Newsletter – When you sign up to our newsletter, you provide us with your email. 

  • Correspondence – We may collect Personal Data you provide us when you reach out to us including in providing feedback, surveys, and customer support.

  • Job Applications – If you apply for a job with BitGo we may collect the following Personal Data about you:

  • name

  • email

  • phone number

  • mailing address

  • job history such as job titles and responsibilities

  • resume/CV

  • residency documentation

  • government ID

  • information about your references

  • any other Personal Data you choose to submit along with your application including your LinkedIn profile or U.S. Equal Opportunity Employment Information. 

  • Marketing Activities – If you attend our events, business meetings, or visit our booth at industry conferences  we may collect one or more of the following business contact information about you: 

  • Name

  • Email

  • company

  • job title/role

  • other information that may be contained on your business card, if you choose to provide one

  • other information you choose to provide with us.     

Information We Collect from Third Parties. We collect the following information from third parties:

  • Referrals and Account Participant Invitations – We receive information about you, such as your name and email address, if a BitGo user refers you to our platform or invites you to participate on their account as an administrator, viewer, or spender. 

  • Integrations – We receive information about you via services you choose to use or integrate with, such as where you link accounts from other service providers including other cryptocurrency service providers.

  • Third Party Sign In – If you log in to our services using credentials from a third party (for example, Google), we will receive information that you have made public via your privacy settings with that third party.

  • Identity Verification Services – We may receive the same Personal Data described under “Identity Verification” above from our identity verification service providers.

  • Social Media – We may collect Personal Data about you from social media such as LinkedIn. For example, we may collect information about job applicants from their LinkedIn profile. 

  • Business Marketing Vendors – We may receive Personal Data about you in the context of your employment from third parties (for example, ZoomInfo).

Publicly Available Information. We collect information about you via the following publicly available resources when you use our services:

  • Google search 

  • Blockchain

  • Public digital address 

Note, we may combine information received from third parties or publicly available resources with information we have collected directly from you.  We may also combine information from your profile with information submitted from surveys.

Information We Automatically Collect. When you use our websites,, we use cookies and other tracking technologies to collect the following information about you:

  • Transaction Information – We may collect information about the transactions you make using our Services, such as the names of the recipient, transaction amount, and timestamp.

  • Blockchain Data - We may analyze public blockchain data, including wallet addresses, transaction IDs, timestamps of transactions or events, transaction amounts, and digital signatures.

  • Website Metadata and Analytics – We may collect information about how you use our services such as:

  • unique device identification numbers

  • device type

  • operating system version

  • browser type 

  • pages viewed

  • links clicked 

  • IP address 

  • date and time of visit

  • number of times you return to our website. 

  • Data from Cookies and Other Similar Tracking Technologies – We, and third parties we authorize, may use cookies, web beacons, and similar technologies to record your preferences, track the use of our Sites and mobile apps, and collect information about the use of the Services, as well as about our interactions with you. Learn more about our cookie use in ‘COOKIES AND OTHER TRACKING TECHNOLOGIES’ below.


For information on how to manage your cookies preferences, please visit www.aboutcookies.org.  

4. HOW WE USE PERSONAL DATA

We use Personal Data we have about you as described below.

  • Provide Our Services – We use the information we have about you to manage your account and provide our services, including but not limited to, creating and updating user accounts; verifying identification information; providing and operating hot wallets and qualified custody cold wallets; performing lending, staking, settlement services; performing escrow services, and portfolio management and tax reporting and reconciliation tool. Communicate with You – We use the information we have about you to respond to your inquiries, requests, and/or send important notices. This includes, for example, delivering periodic emails related to company news, updated policies, product/service updates and information, job openings, or press releases. 

  • Market Our Services – We use the information we have about you to market our services. This includes, for example, sending you email communications about products, offerings, events and webinars or customized offers or materials.

  • Safety and Security – We use the information we collect to ensure the safety, quality, and availability of the services, including verifying your identity and detecting, preventing, and prosecuting those responsible for security incidents or malicious, deceptive, fraudulent, or illegal activity.

  • Customer Support – We use your information to diagnose and resolve issues with our services, provide technical and customer support, 

  • Improve Our Services – We use the information we have about you to improve our services. This includes, for example, identifying usage trends, developing data analysis, determining the effectiveness of our promotional campaigns, evaluating our business performance, researching, demonstrating, developing and improving our products and services, and ensuring quality control. 

  • Comply with The Law – We use the information we have about you to comply with applicable laws, regulations, and contractual obligations. This includes, for example, conducting compliance and/or security checks, audits, or assessments, enforcing our contracts and agreements with our customers, or complying with applicable law enforcement obligations.

  • Protect Our Assets – We use the information we have about you to protect our rights and interests, ensure the security of our assets, systems and networks, prevent, detect and investigate fraud, unlawful or criminal activities in relation to our services, and enforce our terms and conditions.

  • Other Purposes that require your consent – We may process your information where you otherwise provide your prior consent.

  • De-identified or Aggregate Information – We use the information we have about you to create de-identified or aggregate information, such as de-identified demographic or location information, information about devices used to access our services, or other relevant analyses.

  • Evaluate Candidacy of Job Applicants – We process job application information in order to evaluate the candidacy of job applicants. This may include, as permitted by law, performing background checks. 

If we decide to modify the purpose for which your Personal Data is collected and used, we will amend this Notice. 

5. HOW WE DISCLOSE PERSONAL DATA 

BitGo may disclose the Personal Data we have about you as described below.  

  • With Your consent. We may disclose your Personal Data with your consent.

  • Service Providers and Other Third Parties – We disclose information we have about you with third parties and service providers who assist us with administering the services. This may include, for example, IT service providers, data storage providers, and identity verification service providers. For example, we use Persona Identities, Inc. (“Persona”) for identity verification services to identify and authenticate you when you create an account with us or use our Services. Specifically, Persona will verify that the selfie or video you provide matches the photo on your government-issued ID. The information collected during this process may constitute biometric data, including facial recognition data and mathematical representations of your facial geometry. We do not sell or share your biometric data. You can learn more about our collection, processing, and disclosing of biometric data by reviewing our BIOMETRIC DATA PRIVACY POLICY.  

  • Across Our Affiliates – We disclose information across BitGo’s family of companies to, among other reasons, provide you with our services, prevent fraud, conduct identity verifications, comply with the law,  in the event of a sale, merger, acquisition, or other liquidity event.

  • For Advertising Purposes – We may disclose information to marketing and advertising providers including third party cookie providers. For more information see ‘COOKIES AND OTHER TRACKING TECHNOLOGIES’ section below.

  • Business Transaction – In the event of a reorganization, acquisition, merger, divestment or other sale of some or all of our assets or stock, or other business decision or transaction, such activity may require and/or result in the disclosing of your information as part of the evaluation of, or upon completion of, that transactional event. 

  • Legal, Regulatory, Safety, and Compliance Purposes – In certain situations, we may be required to disclose your information as required by law. These situations may include, but are not limited to:  

  • complying with a subpoena or other legal process requests;

  • protecting your rights;

  • protecting your safety or the safety of others;

  • investigating fraud; and

  • responding to a government request.

  • With Our Professional Advisors – We may disclose your information with our professional advisors such as accountants, auditors, lawyers, insurers, bankers, and blockchain forensic services in order to complete third-party audits or to comply with our legal obligations.

  • Aggregated Or De-identified Data – We may create de-identified or anonymous data from personal information by removing data components (such as your name or email address) that makes the data personally identifiable to you, or through obfuscation. We may disclose aggregated and/or anonymized data with others for their own uses.

Any third parties that we disclose your Personal Data to are limited by law and by contract in their ability to use your Personal Data. BitGo requires third party service providers acting on our behalf or with whom we disclose your information to provide appropriate security measures in accordance with industry standards and in compliance with this Notice, their privacy and security obligations, and any other appropriate confidentiality and security measures. However, we are not responsible for the privacy and data security practices of third parties outside of Personal Data we receive from or transfer to them.

6. HOW WE PROTECT PERSONAL DATA

At BitGo, we take our responsibility to protect the security and privacy of your Personal Data seriously. We are committed to maintaining the confidentiality, integrity, and security of your Personal Data and taking precautions to protect such information. We use reasonable and appropriate administrative, technical, and physical safeguards to protect information we have about you from loss, theft, and unauthorized use, access, modification, or destruction. We also require third party service providers acting on our behalf or with whom we disclose your information to maintain security measures consistent with industry standards in accordance with applicable data protection laws and regulations.

Additionally, to help protect your privacy and maintain security, we verify your identity before granting you access to your information or your account. Our verification methods include requesting that you log into your BitGo account, complete two-factor authentication, participate in a video call, and/or provide documents for identity verification. Notwithstanding our security safeguards, it is impossible to guarantee absolute security in all situations. 

7. RETENTION AND DELETION 

We will retain your Personal Data for as long as is necessary to fulfill the purposes set out in this Notice unless a longer retention period is required or permitted by law (such as tax, legal, accounting or other purposes). 

We will retain your marketing contact information until you request deletion of such information.

We will retain biometric data as detailed in the BIOMETRIC DATA PRIVACY POLICY 

When we have no justifiable business need to process your Personal Data or there is no such required or permitted longer retention period, we will either delete or anonymize it. If deletion or anonymization is not possible (for example, your Personal Data may be stored in backup archives or for technical reasons), we will securely store your Personal Data and implement appropriate measures to prevent any further processing until deletion is possible.

If you request deletion of your Personal Data, we will consider your request in accordance with applicable laws.

8. COOKIES AND OTHER TRACKING TECHNOLOGIES

Like many companies, we use cookies and similar technologies (such as clear gifs, web beacons, tags, and similar technologies) (collectively, “Cookies”). Cookies vary in duration (they can be “persistent” or “session-based”), and by whom they are served (“first party” cookies are directly from us; “third party” cookies are from other parties on our behalf). They are only one of several types of technologies used to track online behavior.

Why We Use Cookies. At BitGo, we use cookies to: 

  • Administer our services 

  • Analyze services usage and trends

  • Track your browsing history

  • Improve the services functionality

  • For advertising and marketing

Managing Cookies & Online Tracking. Where appropriate or legally required, we will describe how we use the information collected about you so that you can make choices about how your information is used. 

  • Our Cookie Preference Center – You can opt out of cookies via our COOKIE PREFERENCE CENTER.

  • Blocking Cookies in Your Browser – You can control the use of cookies on your device at any time by changing your preferences or options in your browser settings. Each browser provides different mechanisms for managing cookies. You can usually find these settings in the “Options” or “Preferences” menu of your browser; otherwise, look at your browser’s help menu to determine the best way to modify your browser’s cookie storage.  You can also block, disable, or delete the cookies that are stored on your device. However, blocking, disabling, or deleting cookies may limit your ability to view all the pages on our services. To find out more about cookies, including how to see what cookies have been set and how to block and delete cookies, please visit http://www.aboutcookies.org/. 

  • “Do-Not-Track” – Some browsers allow a user to send “Do-Not-Track” signals to a website to prevent tracking of your activity.  At this time, we do not respond to web browser “Do-Not-Track” signals. To learn more about browser tracking signals and DNT, visit http://www.allaboutdnt.com.

  • With Each of Our Vendors Individually The following advertising or marketing services partners offer opt-out features that let you opt-out of use of your information for interest-based advertising or profiling:


Analytics Cookies

Google Analytics - Google Analytics Opt Out

HubSpot - HubSpot Privacy Policy

Third Party Advertising Services

LinkedIn - LinkedIn Privacy Policy

X (f/k/a Twitter) - X Privacy Policy

9. YOUR PRIVACY CHOICES

You may have the right, depending on your jurisdiction, to exercise the following choices with our use of your Personal Data:

  • Right to Know – You have the right to request what Personal Data we collect, use, disclose, or disclose about you, as applicable.

  • Right to Access/Portability – You can request access to and/or a copy of the Personal Data that we maintain about you.

  • Right to Delete – You can ask us to delete the Personal Data that we have collected or maintain about you, subject to exceptions. Please note that we are required to retain certain Personal Data and related data to comply with our legal obligations, including compliance with recordkeeping requirements contained in anti-money laundering, anti-terrorism, or other financial laws and regulations.

  • Right to Correct – You can ask us to correct inaccurate Personal Data we maintain about you. You can update certain account information by logging into your account.

  • Right to Opt Out – You can opt out of certain uses of your Personal Data:

  • Marketing and Promotional Communications. If you elect to receive periodic email communication from us (i.e., company news, product and service information), you may choose to opt out from receiving such communications by clicking the ‘Unsubscribe’ link provided in these emails.

  • Targeted Advertising – You may opt out of targeted advertising (see ‘COOKIES AND OTHER TRACKING TECHNOLOGIES’ above).

You can exercise these rights by contacting us at privacy@bitgo.com.   

10. U.S. STATE-SPECIFIC DISCLOSURE

Some U.S. states have enacted comprehensive privacy laws. The California Consumer Privacy Act, as amended by the California Privacy Rights Act or “CPRA” (collectively, the “CCPA”), the Virginia Consumer Data Protection Act (“VCDPA”), Colorado Privacy Act (“CPA”), the Connecticut Data Privacy Act (“CTDPA”), Utah Consumer Privacy Act (“UCPA”), Oregon Consumer Privacy Act (“OCPA”), Texas Data Privacy and Security Act (“TXDPSA”), and the Montana Consumer Data Privacy Act (“MTCDPA”) create additional privacy obligations for businesses and provide their residents with additional privacy rights.

Additional Privacy Rights – In addition to the rights granted above, if you are a resident of the above states, you may have the right to:

  • Opt out of the “sale” or “share” of your personal information for targeted advertising. Some third party cookies placed on our website may be considered a ‘sale’ or ‘share’ under these privacy laws. You may opt out of such cookies as detailed in ‘COOKIES AND OTHER TRACKING TECHNOLOGIES’ section (above). 

  • Sensitive personal information – BitGo only collects sensitive information that is necessary or advisable to provide the services in compliance with AML and other financial laws/regulations. By using the services, you agree to the collection and processing of sensitive personal information. Limiting our use of sensitive personal information would result in BitGo not being able to provide our services. 

You can exercise these rights by contacting us at privacy@bitgo.com or via the ‘Your Privacy Choices’ webform.  

If you would like to exercise your rights related to the data BitGo hosts on behalf of its institutional customers, then please contact that institution directly. BitGo cannot provide you with any information related to the personal information we process on behalf of our customers. 

Appeal – If we deny your privacy request, you may appeal that decision by emailing us at privacy@bitgo.com. If you are still unsatisfied with our response, you have the right to file a complaint with your state attorney general.

11. UK/EEA RESIDENTS NOTICE

Residents of the UK and EEA are provided certain privacy rights under the UK and EU General Data Protection Regulations (“GDPR”).

Legal Basis – Under the GDPR, we process ‘Personal Data’ (as defined in the GDPR) under the following legal basis.

  • Providing our services - Contract Fulfillment

  • Placement of cookies through our Website - Consent

  • Improving our Website and services - Legitimate Interest

  • Product, Marketing or Service-Related Communications - Legitimate Interest

  • Customer Support - Contract fulfillment

Controller/Processor Designation – If you are a direct user of BitGo (i.e. you created an account directly with BitGo), then we are ‘Controller’ of your personal data. If you are an indirect user of BitGo (i.e. you use the BitGo services through another entity (e.g., FTX Trading Ltd.)), then we are a ‘Processor’ of your personal data 

Cross-Border Data Transfers – If you are a resident of the EEA, UK, or Switzerland, we may transfer to, and store the data we collect about you, to countries other than the country in which the data was originally collected, including the United States. Those countries may not have equivalent data protection laws as the country in which you provided the data. When we transfer your data to other countries, we will protect the data as described in this Notice and comply with applicable legal requirements providing adequate protection for the transfer of data to countries outside the EEA, UK, and Switzerland. We rely on Standard Contractual Clauses (“SCCs”) for the transfer of personal data to countries that have not received an applicable adequacy decision, as well as the UK’s ‘International Data Transfer Addendum’ to the SCCs.

For more information on cross-border transfers of your Personal Data or the appropriate safeguards in place, please contact us at privacy@bitgo.com.     

Additional Rights for UK or European Economic Area Residents – In addition to the rights granted above, if you are a UK or EEA resident, the GDPR grants you the right to lodge a complaint against us with your local data protection authority. You can find your data protection authority at https://edpb.europa.eu/about-edpb/about-edpb/members_en

12. CHILDREN’S PRIVACY 

Our services are not intended for persons under the age of 18, and we do not knowingly or intentionally collect any Personal Data from, or market to, individuals under the age of 18. 

If you learn that an individual under the age of 18 has provided us with Personal Data contrary to these rules, please contact us at privacy@bitgo.com, we will take steps to delete the information.

13. THIRD PARTY SERVICES, APPLICATIONS, AND WEBSITES

We may provide you with opportunities to connect with certain third-party services, websites, or third-party applications, such as our integration partners. If you choose to use any third-party applications or services  to navigate to and from BitGo services, we share information with such third parties and they may contact you directly. 

This Notice does not apply to your use of such third-party applications, websites, and services, and BitGo is not responsible for how those third parties collect, use, and disclose your information. We encourage you to carefully review the user terms and privacy notices of those third parties before connecting to or using their  third-party applications, services, or websites to learn more about their information and privacy practices. 

14. CHANGES TO THIS NOTICE

We may change or update this Notice from time to time. If we make any changes, we will revise the date at the top of this Notice. If we make material changes to this Notice, it will either be noted on our website that material changes have been made or we will notify you by email. We encourage you to periodically review our Notice to stay informed about our data protection practices and the ways you can help protect your privacy.

15. CONTACT US

If you have questions about this Notice, or if you wish to exercise any of your rights in relation to your Personal Data, please contact us. You can write to us at the email address below: privacy@bitgo.com.